3.4 Creating an Application Definition for a Java Application or an Oracle Form

SecureLogin supports single sign-on feature for Oracle forms which uses Java 1.7 or later.

A Java application is a Java program that runs independently. The Java Virtual Machine in the client or server interprets the instructions.

For Oracle form applications SecureLogin uses the pre-installed JRE 1.7 or later in the machine. If any of these Java components is added after installing (or upgrading to) SecureLogin, you need to enable SecureLogin to use the newly added Java component. To enable support to the new Java component, run the repair option of the SecureLogin installer.

You can create an application definition for a Java application or an Oracle application by accepting the default selections in the wizard, or you can manually select the attributes you want.

NOTE:Loading of Oracle components requires some time before an application definition for Oracle form is started. Therefore, the Wizard consumes some time when starting the application definition for Oracle form.

3.4.1 Prerequisites

  • In the Java preferences, set the Add application prompts for Java applications preference to Yes.

  • In the Java preferences, set the Allow single sign-on to Java applications preference to Yes.

  • Ensure that you have JRE 1.7 or later to support single sign-on to Oracle Forms.

  • Close all open SecureLogin prompts.

  • Verify if you have permissions to create application definition. See Section 5.0, Setting the Wizard Mode Preference.

  • Ensure that SecureLogin is running on your workstation.

3.4.2 Using the Default Selections to Create an Application Definition

  1. Ensure that you have completed the prerequisites in Prerequisites.

  2. Launch the Java application for which you want to create an application definition.

    SecureLogin detects the application and prompts you to enable single sign-on.

  3. Select Yes, I want to single sign using the default selections done by the wizard.

    The Enter your Credentials dialog box is displayed.

  4. Specify your credentials, then click OK.

    SecureLogin saves your credentials in the directory. The next time you launch the application, SecureLogin provides the credentials for you.

3.4.3 Manually Defining the Attributes for an Application Definition

  1. Ensure that you have completed the prerequisites in Prerequisites.

  2. Launch the Java application for which you want to create an application definition.

    SecureLogin detects the application and prompts you to enable the screen for single sign-on.

  3. Select Yes, I want to single sign enable the screen using the wizard. The Application Definition Wizard page is displayed.

  4. Configure the following attributes to create application definition.

Identifying the Screens

  1. Use the Identify screen tab to identify the login screen. If the Application Definition Wizard identifies the login screen correctly, a check mark displays next to Identify screen.

    NOTE:The Show me icon fails to highlight the fields identified by the wizard for all embedded Java applets from JRE 6u7 and later. It fails to highlight the corresponding target for all the attributes of the Application Definition Wizard, such as Identify fields, Re-authentication, Submit options, and Matching criteria.

  2. Drag the Choose icon to the detect and select login screen.

Specifying the Credential Source

  1. Use the Credential source tab to define the source of the credentials for the applications.

    Some applications use their own credential set to log in. However, some applications might reuse credentials from another source, such as the user's network password or a one-time password.

  2. Select This application's own credential set to use the application's credential set to log in.

    If you select this option, SecureLogin creates a discrete set of credentials to enable the application. The credential set has the name of the application.

  3. Select Other to define another source of credentials.

    If you select this option, select the source of credentials for the application.

    The options for the credential source are:

Using a One-Time Password

  1. Select A one-time password from a smart card to use a one-time password from a smart card.

Using a User’s Network Login Credentials

  1. Select The user's network logon credentials to use the user's directory credentials to log in.

Using Credentials from Another Single Sign-One Enabled Application

  1. Select Another SecureLogin enabled application to use the credentials of another application enabled for single sign-on.

    Select the application from a list of available applications enabled for SecureLogin.

Selecting Credentials Based on a Value Identified on the Screen

  1. Select SecureLogin selects credentials based on a value identified on this screen to provide the credentials based on the presence of a particular value on the login screen.

    This option uses a text entry. Regular expressions are supported in the text entry.

    For example:

    Connecting to server (.*)

    where (.*) specifies the value that must be captured to define the credentials.

Identifying the Fields

SecureLogin must identify the fields on the login screen before it can log in to the application. Typically, these are the username and password fields. You can also configure fields such as radio buttons or edit boxes on the login screen.

Use the Identify fields menu to view the selected fields.

Figure 3-5 Selecting or Reviewing the Login Fields

Not Allowing SecureLogin to Handle the Fields

  1. Select No. SecureLogin is not required to handle the fields on this screen if you do not want SecureLogin to handle the login fields on the screen.

    You can use this option to create a credential set, which can be used with other application screens.

    Similarly, you can use the credential set to link to other application definitions and to identify the application screens.

Reviewing the Fields

  1. Select Yes. Let me select or review the logon fields to review the fields selected by the wizard.

    By default, SecureLogin uses the field names as the prompts in the dialog boxes. You can edit the field names to make it clear and user-friendly.

  2. Select Treat text field as a sensitive field to treat the username field like a password field and disguise the characters entered with asterixes.

    This is optional for the username but mandatory for the password.

    NOTE:If the label text for a control is empty or incorrect, do the following:

    • Click Show me to verify if the correct control is selected.

    • If Show me does not highlight the correct control, update it by dragging and dropping the Choose icon or use the Navigate to field using the keystrokes option.

  3. Select Navigate to field using keystrokes if you are having difficulty identifying the correct fields using other methods. SecureLogin prompts you to use Navigate to field using keystrokes if it cannot identify the fields on the login screen.

    To record keystrokes:

    1. Click Start.

    2. Specify the keystrokes.

    3. Select Close to return to the Identify fields menu.

    4. Select Stop to stop the recording.

      Next time you login to the application, keystrokes are used to log in.

  4. You can also specify the text that SecureLogin presents when prompting the user for the username and password.

Reviewing Other Fields

  1. Click All fields to show other fields detected by the wizard on the login screen.

    Each control is listed by type and name (if known).

    Select the field you want SecureLogin to use in managing the login for the application, then specify the actions for SecureLogin.

    Depending on the application, any or all of the following fields are displayed.

    • Edit box

    • Check Box

    • Combo Box

    • Radio Button

    For information on configuring SecureLogin to use these additional fields, refer All Fields.

Specifying Reauthentication Rules

  1. Use the Re-authentication menu to specify how users must reauthenticate. Specify if they must reauthenticate with their network credentials or an authentication device.

  2. If you select No. The user is not required to re-authenticate, SecureLogin does not prompt users to reauthenticate before providing the credentials to the application.

  3. If you select Yes. Enforce re-authentication before accessing this application, users must specify the credentials that SecureLogin uses to reauthenticate the user’s identity.

  4. From the Select from the methods detected drop-down list, select the method SecureLogin must use. You can select from:

    • Use same credentials as network login: Use the network login credentials.

    • Password: The network password.

    • Smart card: After the PIN is verified, SecureLogin checks to see if the smart card belongs to the user or not.

  5. You must also specify the action SecureLogin takes when the users cancels the reauthentication.

    You can define one of the following actions:

    • Click this button: Select a button on the application that SecureLogin clicks when a user cancels the reauthentication dialog box.

    • Type the following keystrokes: Define the commands or keystrokes SecureLogin enters when a user clicks Cancel in the reauthentication dialog box. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct the user to this website: Specify a URL to go to when a user cancels the prompt for credentials. You can redirect users to the login screen and force them to specify the login credentials again again.

Defining the Submit Options

  1. Use the Submit options menu how SecureLogin submits the login screen.

  2. If you select The user submits the screen, SecureLogin does nothing and the user must manually submit the login screen.

    If you select SecureLogin submits the screen, specify the action SecureLogin takes to submit the login screen.

    You can specify one of the following actions:

    • Click this button: Select a button on the application that SecureLogin clicks when a user submits the screen.

    • Type the following keystrokes: Define the commands or keystrokes SecureLogin enters to submit the login notification screen. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct the user to this website: Specify a URL to go to when a user submits the login notification screen.

  3. You can also specify the action SecureLogin uses when users cancel a prompt to save their credentials.. For this, select Enable action when user cancels to change their password. You can specify one of the following actions:

    • Click this button: Select a button on the application that SecureLogin clicks when a user submits the screen.

    • Type the following keystrokes: Define the commands or keystrokes SecureLogin enters to submit the login screen. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct users to this website: Specify a URL to go to when users cancel the change password prompt.

Defining the Matching Criteria

SecureLogin must uniquely identify each application screen in order to run an application definition. If SecureLogin cannot uniquely identify a particular application screen, you can manually define the matching criteria. Use the Matching criteria menu to define the matching criteria.

  1. If you select No. Use minimal rules based on your previous selections, SecureLogin uses the rules defined in previous attribute panels to identify and handle the password change.

  2. If you select Yes. Use additional Wizard generated rules, you can add, modify, or remove rules. Your matching criteria must include at least one rule. :

  3. By default, Use Wizard generated rules is selected. The Rules text box lists the controls that are detected by SecureLogin.

To modify a rule for a control:

  1. Select the rule you want to edit, then click Configure more detailed match for this control

  2. Define what SecureLogin must match. You can set the following matching rule:

    • SecureLogin is to match value displayed: If you select this option, SecureLogin only matches those screens that exactly match the displayed text and rules identified.

To verify regular expression:

  1. Click Test Match to verify if your regular expression is correct.

    If a regular expression does not match any control on the application screen, SecureLogin prompts you to verify your regular expression and select the correct control.

To delete a rule:

  1. To delete a rule, select the rule, then click Remove.

You have successfully completed creating an application definition for a Web application. The next time you launch the application, SecureLogin provides the credentials for you.